Vulnerability Description
Race condition in the xpcom library, as used by web browsers such as Firefox, Mozilla, Netscape, and Galeon, allows remote attackers to cause a denial of service (application crash) via a large HTML file that loads a DOM call from within nested DIV tags, which causes part of the currently rendering page and referenced objects to be deleted.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xpcom | Xpcom | All versions |
References
- http://marc.info/?l=bugtraq&m=112199282029269&w=2
- http://securitytracker.com/id?1014548
- http://securitytracker.com/id?1014550
- http://www.gulftech.org/?node=research&article_id=00091-07212005
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21472
- http://marc.info/?l=bugtraq&m=112199282029269&w=2
- http://securitytracker.com/id?1014548
- http://securitytracker.com/id?1014550
- http://www.gulftech.org/?node=research&article_id=00091-07212005
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21472
FAQ
What is CVE-2005-2414?
CVE-2005-2414 is a vulnerability with a CVSS score of 2.6 (LOW). Race condition in the xpcom library, as used by web browsers such as Firefox, Mozilla, Netscape, and Galeon, allows remote attackers to cause a denial of service (application crash) via a large HTML f...
How severe is CVE-2005-2414?
CVE-2005-2414 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-2414?
Check the references section above for vendor advisories and patch information. Affected products include: Xpcom Xpcom.